Guest Book
In the previous tutorials we looked at cases where only the user responsible for the site used an interface to interact with the database. There, file locking is not as critical a concern as it is when multiple users use the interface, because only one user interacts with the database at a time (in theory, if everything works and the user isn't purposely trying to create an error).
However, in the case of a guest book it is likely that two users may interface with your database at the same time. This means file-locking is a more important consideration.
REQUIREMENTS
- Concepts and fundamentals of the previous tutorials
LIMITATIONS
This example does not cover administrative capabilities such as removing entries from the guest book, banning IPs, spam prevention, etc. It requires the administrator to actively monitor the guest book and to remove table rows manually by accessing the table via FTP or some other web interface to the server. NO FILE PERMISSIONS are given.
STRUCTURE
One file does all the work of accepting entries into the guestbook and displaying those entries to the public.
CODE
This will involve more of a general commentary on the code rather than a step by step explanation.
- Create the Mimesis object
- Check if data was passed via the POST method of the form on the page
- Ensure the data passed isn't potentially dangerous to display (i.e. it contains no HTML tags or JavaScript). This is done simply by replacing all '<' with '&lt;'
- Include the time the posts were made to sort by date entered into guest book
- Lock the table, but in this case pass the number of seconds to wait before polling the lock again, to ensure that it will be acquired. By default Mimesis tries to acquire the lock only once; here we want it to keep trying for as long as the script is running
- Write the guest's info into the database
- Release the lock on the table
- Retrieve all entries into the database (assuming they exist) and sort them by the date
- Output them to a table
- Display the guest book entry form
<?php
require_once('mimesis/Mimesis.php');

$cwd = realpath(dirname(__FILE__));
$tableName = 'guests';
$mimesis = new Mimesis($cwd, $tableName, 'ts_' . $tableName);

// Handle a submitted guest book entry
if(isset($_POST['signature']) && isset($_POST['comment'])){
    // Neutralize HTML tags by replacing '<' with its entity before storing
    $guestData = array(
        'signature' => stripslashes(str_replace('<', '&lt;', $_POST['signature'])),
        'comment' => stripslashes(str_replace('<', '&lt;', $_POST['comment'])),
        'date' => time()
    );
    // Passing 1 makes Mimesis wait one second between attempts and keep
    // polling for the lock instead of trying only once
    if($mimesis->lock(1)){
        // Derive the row label from entries() and pad it to eight characters
        $rowLabel = reset(@$mimesis->entries());
        $rowLabel = str_pad($rowLabel, 8, '0', STR_PAD_LEFT);
        $mimesis->insertRow(array($rowLabel => $guestData));
    }else{
        trigger_error('Could not acquire lock on table', E_USER_ERROR);
    }
    $mimesis->release();
}

// Display the existing entries, newest first
if($mimesis->tableExists()){
    $guestData = $mimesis->query();
    // Count the rows: comparing the array itself with 0 is always true
    if(is_array($guestData) && count($guestData) > 0){
        $sort = array();
        foreach($guestData as $key => $row){
            $sort[$key] = $row['date'];
        }
        array_multisort($sort, SORT_DESC, $guestData);
        echo '<table>';
        echo '<tr>';
        echo '<th>';
        echo 'Date';
        echo '</th>';
        echo '<th>';
        echo 'Guest';
        echo '</th>';
        echo '<th>';
        echo 'Comment';
        echo '</th>';
        echo '</tr>';
        foreach($guestData as $key => $value){
            echo '<tr id="' . $key . '">';
            echo '<td>';
            echo date('r', $value['date']);
            echo '</td>';
            echo '<td>';
            echo $value['signature'];
            echo '</td>';
            echo '<td>';
            echo $value['comment'];
            echo '</td>';
            echo '</tr>';
        }
        echo '</table>';
    }else{
        echo 'No guests have signed.';
    }
}

// Guest book entry form
echo '<form method="POST" action="' . basename(__FILE__) . '">';
echo '<input type="text" name="signature">';
echo '<input type="text" name="comment">';
echo '<input type="submit">';
echo '</form>';
?>
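
Replacing only '<' with its entity, as the sanitizing step above does, holds up while the value is printed as element content, which is how the guest book uses it inside its table cells. The following added example (not part of the original tutorial or of Mimesis; the function names and sample inputs are constructed for illustration) compares that filter with PHP's htmlspecialchars() when the same value is printed as element content and inside a quoted attribute.

```php
<?php
// Added example: function names and sample inputs are constructed for
// illustration and are not part of the tutorial or of Mimesis.

// The tutorial's filter: only '<' is rewritten.
function escapeLtOnly($text)
{
    return str_replace('<', '&lt;', $text);
}

// Context-independent HTML escaping: &, <, >, " and ' are all encoded.
function escapeHtml($text)
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed guest inputs.
$samples = array(
    'plain'     => 'Alice',
    'tag'       => '<b>Alice</b>',
    'quote'     => 'Alice" class="injected',
    'ampersand' => 'Tom & Jerry &lt;3',
);

foreach ($samples as $label => $input) {
    echo "== $label ==\n";

    // Element content, as in the guest book's <td> cells. Both filters stop
    // the tag, but the '<'-only filter passes the guest's literal "&lt;"
    // through, so the browser shows "<" instead of the text that was typed.
    echo '<td>' . escapeLtOnly($input) . "</td>\n";
    echo '<td>' . escapeHtml($input) . "</td>\n";

    // Quoted attribute value. With the '<'-only filter the double quote in
    // the input closes the attribute and the remainder is parsed as markup.
    echo '<td title="' . escapeLtOnly($input) . "\"></td>\n";
    echo '<td title="' . escapeHtml($input) . "\"></td>\n";
}
```

Run from the command line, the 'quote' sample shows the difference: the first attribute line contains a second, guest-supplied attribute, while the htmlspecialchars() line keeps the whole value inside title.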